is there any security risk I should be worried about with my linux
setup? It is used to ip masq two other computers and I just wanted to
know if there are any risks of malicious attacks on my linux box.
Mike
by Michael M. Ka » Thu, 04 Dec 1997 04:00:00
is there any security risk I should be worried about with my linux
setup? It is used to ip masq two other computers and I just wanted to
know if there are any risks of malicious attacks on my linux box.
Mike
by Stuart Colli » Fri, 05 Dec 1997 04:00:00
Mike,
Ummm.. I believe that you have just entered a police station and asked
"is there anyone who might want to break into my house? How Do I
secure my house?"
Now admittedly you have mentioned that you have a ranch, one car garage,
and an alarm system. But it would probably help to have even more
information.
For instance, are you wondering about any and all risks to linux systems
in general? Or Your specific version? (Which ever version it is.) Are you
asking for a list of all known attacks? Or just any known holes in the
latest version of linux?
Mind you, no matter which question you are going for, it is likely that
this is a good place to ask it, and it is good that it get asked.
Finally, if it is general security stuff you are wondering about, you
might peruse:
ftp://info.cert.org/pub/tech_tips/UNIX_configuration_guidelines
Stu
-----
: is there any security risk I should be worried about with my linux
: setup? It is used to ip masq two other computers and I just wanted to
: know if there are any risks of malicious attacks on my linux box.
: Mike
1. IMPORTANT PPP SECURITY ISSUE
FreeBSD News Group:
I wanted to point out some Security issues that you need to take into
consideration when connected to your ISP.
ISSUES:
When you are connected to your ISP and you are using Dynamic or Static
IP addressing your system is seen to the outside world. For example, anyone
who can determine your IP address will have the capability of logging into
your machine. It will not matter what type of OS you are running. As long as
you are connected to the Internet your IP address is Public and hackers can
login into your system.
COUNTER MEASURES:
To guard against hackers telneting or ftping into your machine and
compromising the security of you system do the following:
1. Make ABSOLUTELY certain that each user on your system has a pass word.
The password should NOT be easy to guess and should consist of upper, lower
case letters and numbers.
2. The root pass word MUST meet the requirements in 1.
3. Make your /etc/passwd file and any pass word encrypted file
read/write only by root.
4. Make sure users do not have su to root capabilities
I hope this helps. I will welcome comments, suggestions and any other
security issues other users have found.
Thanks,
Angel G. Ortiz
305-973-5022
3. SLIP/PPP Dial in and security issues
4. NCR53c7,8xx no IRQ not free
6. A strange DNS occurrence...
7. SGI Security Advisory 19970503-01-PX - runpriv Security Issue
8. Web Chat: Solstice(TM) Enterprise Manager(TM) 2.1
9. PPP and PPP and PPP and PPP and PPP and HEADACHE
11. Apache 'web-tree' security issue -> Index of......
12. PRESS RELEASE - Internet Security Issue
13. Expect Scripts and Security Issues